Legal
Privacy Policy
XUVIAN VENTURES PLATFORM — NIEUW Solutions Pvt Ltd, operating as Xuvian Ventures
Contents
- Information We Collect
- How We Use Your Information
- Information Sharing and Disclosure
- Data Retention and Storage
- Cross-Border Data Transfers
- Your Privacy Rights and Choices
- Cookies and Tracking Technologies
- Data Security and Protection
- Compliance with Indian Privacy Laws
- Children's Privacy
- Updates to This Privacy Policy
- International Users and Jurisdictional Issues
- Contact Information and Privacy Inquiries
- Specific Terms for Business Users
1. Information We Collect
1.1 Information You Provide Directly
Account Registration Information
- Full name, email address, phone number
- Company name, brand name, business stage
- LinkedIn profile and professional background
- Business address and contact details
Business Information
- Company overview, mission, vision statements
- Financial information including funding history, projections, and cap table details
- Team information, organizational structure, and employee details
- Product descriptions, pitch decks, and business plans
- Market analysis, competitive information, and strategic plans
- Customer information, testimonials, and case studies
- Legal documents, compliance records, and intellectual property information
Platform Interactions
- Responses to platform questionnaires and assessments
- Messages and communications through the platform
- File uploads, documents, and multimedia content
- Investor interaction records and meeting notes
- Platform usage data and engagement metrics
1.2 Information We Collect Automatically
Technical Information
- IP address, device type, operating system, and browser information
- Platform usage patterns, features accessed, and time spent
- Log files, cookies, and similar tracking technologies
- Geographic location data (country/city level)
- Platform performance data and error reports
Platform Analytics
- User behavior patterns and navigation paths
- Feature usage statistics and engagement metrics
- Search queries and filter preferences
- Document access and sharing patterns
1.3 Information from Third Parties
We may collect information from social media platforms (LinkedIn, when you connect your account), business partners and incubators who refer you to our platform, public databases and business registries, credit agencies and background verification services, and investor networks and industry databases.
2. How We Use Your Information
2.1 Platform Services and Operations
- Service Delivery: Providing all platform features including profile management, investor matching, and communication tools
- Account Management: Creating and maintaining your account, authentication, and customer support
- Platform Improvement: Enhancing platform functionality, user experience, and developing new features
- Quality Assurance: Monitoring platform performance, troubleshooting issues, and ensuring service reliability
2.2 Business Operations and Communications
- Investor matching: connecting you with relevant investors based on your business profile and preferences
- Business communications: facilitating communications between startups, investors, and other platform users
- Educational content: providing learning resources, best practices, and industry insights
- Platform updates: sending notifications about new features, service changes, and important announcements
2.3 Marketing and Promotional Activities
Default Marketing Rights: By using our platform, you automatically grant us the right to use your information for success stories, marketing materials, industry examples, media and PR, events and conferences, and platform demonstrations. You may opt out of marketing usage by providing written notice to legal@xuvian.com with 30 days' advance notice.
2.4 Anonymized Data Usage and Platform Enhancement
We use anonymized and aggregated data for platform development, industry research, product innovation, academic partnerships, and business intelligence.
Guarantee: All data used for these purposes will be completely anonymized with no identifying information.
3. Information Sharing and Disclosure
3.1 Controlled Sharing Through Platform
- Investor Access: Information shared with investors only when you explicitly authorize such sharing through platform controls
- User-Controlled Permissions: You determine what information specific investors or partners can access
- Secure Communication: Facilitating communications while maintaining your control over information flow
3.2 Business Operations
We may share information with third-party service providers who assist in platform operations (hosting, analytics, customer support), business partners like incubators and accelerators, professional service providers when necessary, and verification services.
3.3 Legal and Regulatory Requirements
We may disclose information to comply with applicable laws, regulations, and legal processes, to regulatory authorities as required by law, to law enforcement agencies for legitimate investigations, and to comply with court orders, subpoenas, and other legal demands.
3.4 Business Transactions
Information may be transferred in connection with business mergers, acquisitions, asset sales, or corporate restructuring. Information may also be shared with potential investors or acquirers of Xuvian.
3.5 Emergency Situations
We may share information to protect the safety and security of users, the platform, or the public, and to prevent fraud, unauthorized access, or illegal activities.
4. Data Retention and Storage
4.1 Retention Periods
- Active Accounts: Information retained as long as your account remains active and for legitimate business purposes
- Inactive Accounts: Information retained for 3 years after account becomes inactive, unless legally required otherwise
- Financial Records: Financial and transaction data retained for 7 years for compliance purposes
- Marketing Materials: Content used in marketing materials may be retained indefinitely unless removal is specifically requested
- Legal Requirements: Information retained longer when required by applicable laws or ongoing legal proceedings
4.2 Data Storage and Security
- Personal data of Indian users stored within India as required by applicable regulations
- Industry-standard encryption, access controls, and security protocols
- Regular data backups for business continuity and disaster recovery
- Limited access to personal information on a need-to-know basis
4.3 Data Deletion
You may request deletion of your account and associated data. A 30-day data export period follows account termination before deletion. Some information may be retained if required by law or for legitimate business purposes. Anonymized and aggregated data may be retained indefinitely for platform improvement.
5. Cross-Border Data Transfers
5.1 International Operations
Our platform may be accessed by users and investors from multiple countries. Cross-border transfers may be necessary for platform functionality and investor connections. All international transfers comply with applicable Indian data protection laws.
5.2 Transfer Safeguards
- Standard contractual clauses for international data transfers
- Transfers to countries with adequate data protection levels as recognized by Indian authorities
- Explicit consent for transfers to countries without adequate protection
5.3 International Investor Connections
Connecting Indian startups with international investors may require data transfers. All transfers comply with FEMA and other applicable regulations. You control what information is shared with international investors.
6. Your Privacy Rights and Choices
6.1 Access and Control Rights
- View and download your personal information stored on the platform
- Update and modify your business profile and account information
- Control who can access specific information through platform permissions
- Manage email notifications and communication settings
6.2 Data Portability and Deletion
- Export your data in a structured, commonly used format
- Request deletion of your account and associated personal information
- Request deletion of specific information categories
- We will respond to requests within 30 days of receipt
6.3 Marketing and Communications
- Opt out of marketing usage by written notice to legal@xuvian.com
- Unsubscribe from marketing emails using provided links
- Manage types and frequency of communications received
6.4 Limitations on Rights
Some information may be retained for legal compliance purposes, or because it is necessary for ongoing business operations and platform functionality. Rights do not apply to completely anonymized data, or to information that affects the rights of other users or third parties.
7. Cookies and Tracking Technologies
7.1 Types of Cookies Used
- Essential Cookies: Necessary for platform functionality and security
- Performance Cookies: Analyzing platform usage and improving performance
- Functional Cookies: Remembering your preferences and settings
- Analytics Cookies: Understanding user behavior and platform effectiveness
7.2 Third-Party Cookies
Cookies from third-party service providers for analytics and functionality, social media platforms when you interact with integrated features, and for targeted advertising and marketing campaigns.
7.3 Cookie Management
You may manage cookies through your browser settings. Some third-party cookies can be disabled through opt-out mechanisms. Disabling certain cookies may affect platform functionality.
8. Data Security and Protection
8.1 Security Measures
- Industry-standard encryption for data transmission and storage
- Multi-factor authentication and role-based access controls
- Firewalls, intrusion detection, and network monitoring
- Periodic security assessments and vulnerability testing
8.2 Data Breach Response
- Established procedures for responding to security incidents
- User notification within 72 hours of confirmed breach affecting personal data
- Timely reporting to relevant authorities as required by law
- Immediate steps to contain breaches and prevent future incidents
8.3 Employee Training and Policies
- Regular training for employees on data protection and privacy practices
- Strict policies governing employee access to personal information
- All employees sign comprehensive confidentiality agreements
- Background verification for employees with access to sensitive data
9. Compliance with Indian Privacy Laws
9.1 Information Technology Act, 2000
- Implementation of security practices as per IT (Reasonable Security Practices) Rules, 2011
- Special protection for sensitive personal data including financial information
- Obtaining proper consent for collection and processing of personal information
- Compliance with breach notification requirements
9.2 Future Privacy Legislation
Policies will be updated to comply with the Personal Data Protection Bill when enacted. We continuously monitor and comply with evolving privacy regulations and implement international best practices for data protection.
9.3 Sectoral Regulations
- SEBI compliance where applicable to securities regulations
- RBI guidelines adherence for banking and financial data protection
- Compliance with Companies Act provisions regarding data protection
10. Children's Privacy
Our platform is intended for users 18 years and older. We do not knowingly collect information from children under 18. If we discover collection from minors, we will seek parental consent or delete the information. Age verification processes are applied during account registration.
11. Updates to This Privacy Policy
This policy is reviewed and updated periodically. Significant changes will be communicated through email or platform notifications with 30 days' advance notice for material changes affecting user rights. Continued platform use after changes constitutes acceptance of the updated policy. Previous versions are available upon request.
12. International Users and Jurisdictional Issues
This Privacy Policy is governed by Indian privacy and data protection laws. Disputes are subject to the jurisdiction of courts in Bengaluru, Karnataka. International users are responsible for compliance with their local privacy laws. Indian law prevails in case of conflicts with international regulations. International users consent to data transfers to India for platform operations.
13. Contact Information and Privacy Inquiries
Response Timelines
- General inquiries: within 7 business days
- Data subject requests: within 30 days
- Urgent security matters: within 24 hours
- Regulatory inquiries: as required by applicable law
14. Specific Terms for Business Users
Information processing is primarily for business-to-business commercial purposes. Most information collected relates to business and professional activities, processed based on legitimate business interests and commercial relationships. Business users warrant they have appropriate consent for any employee data shared on the platform. Employee data is used only for business purposes and platform functionality.
Privacy Contact Information
Data Protection Officer
NIEUW Solutions Pvt Ltd (Xuvian Ventures)
Pavani Sarovar, Nallurhalli Main Road, Whitefield, Bengaluru 560066
Email: legal@xuvian.com
This Privacy Policy has been drafted to comply with applicable Indian privacy laws including the Information Technology Act 2000, IT Rules 2011, and other relevant regulations. We recommend consulting with legal counsel for specific privacy law questions.